package jdbc;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;

/**
 * 预编译SQL语句
 * 1. 预编译SQL语句，避免SQL语句的拼接，提高效率
 */
public class JDBCDemo7 {
    public static void main(String[] args) {
        //
        UserInfo userinfo = InputUtil.getInputObject(new UserInfo(),"欢迎登录","登录");
        try (
                Connection connection = DBUtil.getConnection()
        ){
            String sql = "SELECT id,username,password,nickname,age " +
                    " FROM userinfo " +
                    " WHERE username=? AND password=?";
            PreparedStatement ps = connection.prepareStatement(sql);
            ps.setString(1,userinfo.getUsername());
            ps.setString(2,userinfo.getPassword());

            ResultSet rs = ps.executeQuery();
            if (rs.next()) {
                System.out.println("登陆成功,欢迎你:"+rs.getString("nickname"));
            }else {
                System.out.println("用户名或密码错误");
            }

        }catch (Exception e){
            e.printStackTrace();
        }
    }
}